Splunk Enterprise Security and ManageEngine Log360 compete in the security information and event management (SIEM) category. Based on user feedback, Splunk shows dominance due to its comprehensive features, extensive analytics, and scalability, while Log360 is preferred for its user-friendly interface and efficient threat detection, suiting organizations needing straightforward operations.
Features: Splunk Enterprise Security is known for its comprehensive log management, rapid search capabilities, and scalability in complex environments. It excels in operational intelligence to prevent outages and offers powerful search processing capabilities with SPL. Splunk integrates easily and supports extensive data source compatibility with sophisticated real-time alerts. ManageEngine Log360 provides a straightforward interface, competent threat response and detection, and efficiently manages security tasks. It emphasizes application logs monitoring and task centralization.
Room for Improvement: Splunk Enterprise Security could enhance operational workflow, improve user interface intuitiveness, and bolster integration with VMware and security devices. Users seek better visualization and security administration features. ManageEngine Log360 can improve by offering more user-friendly training materials, detailed deployment documentation, and enhanced data retention capabilities with broader integration with network equipment.
Ease of Deployment and Customer Service: Splunk Enterprise Security offers flexible deployment options, including Public Cloud, Hybrid, and On-premises, though it requires technical expertise. Its support community is helpful, but premium support is costly. ManageEngine Log360 focuses on On-premises and Hybrid Cloud with ease of deployment, effective customer service, and affordable pricing. It is praised for its simple setup but needs better integration and documentation.
Pricing and ROI: Splunk Enterprise Security is perceived as expensive, with pricing based on data volume, making it challenging for smaller companies. However, its extensive feature set justifies the cost for large enterprises seeking high ROI. In contrast, ManageEngine Log360 offers competitive pricing, balancing cost and functionality, which attracts organizations with budget limitations. While Splunk delivers high ROI through vast capabilities, Log360 provides value via cost-effective operations for many scenarios.
Splunk's cost is justified for large environments with extensive assets.
If you want to write your own correlation rules, it is very difficult to do, and you need Splunk's support to write new correlation rules for the SIEM tool.
The technical support for Splunk met my expectations.
They struggle a bit with pure virtual environments, but in terms of how much they can handle, it is pretty good.
It provides a stable environment but needs to integrate with ITSM platforms to achieve better visibility.
It is very stable.
What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel.
Splunk Enterprise Security would benefit from a more robust rule engine to reduce false positives.
Splunk could enhance its offerings by incorporating modules for network detection and response and fraud management.
I saw clients spend two million dollars a year just feeding data into the Splunk solution.
The platform requires significant financial investment and resources, making it expensive despite its comprehensive features.
Splunk is priced higher than other solutions.
Splunk Enterprise Security's most valuable features are its stability and the robust Splunk Search Processing Language.
They have approximately 50,000 predefined correlation rules.
The Splunk Enterprise Security's threat-hunting capabilities have been particularly useful in later releases.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
Splunk Enterprise Security is widely used for security operations, including threat detection, incident response, and log monitoring. It centralizes log management, offers security analytics, and ensures compliance, enhancing the overall security posture of organizations.
Companies leverage Splunk Enterprise Security to monitor endpoints, networks, and users, detecting anomalies, brute force attacks, and unauthorized access. They use it for fraud detection, machine learning, and real-time alerts within their SOCs. The platform enhances visibility and correlates data from multiple sources to identify security threats efficiently. Key features include comprehensive dashboards, excellent reporting capabilities, robust log aggregation, and flexible data ingestion. Users appreciate its SIEM capabilities, threat intelligence, risk-based alerting, and correlation searches. Highly scalable and stable, it suits multi-cloud environments, reducing alert volumes and speeding up investigations.
What are the key features?Splunk Enterprise Security is implemented across industries like finance, healthcare, and retail. Financial institutions use it for fraud detection and compliance, while healthcare organizations leverage its capabilities to safeguard patient data. Retailers deploy it to protect customer information and ensure secure transactions.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
